[go: up one dir, main page]

CN101149709A - Encryption processor of memory card and method for reading and writing data using it - Google Patents

Encryption processor of memory card and method for reading and writing data using it Download PDF

Info

Publication number
CN101149709A
CN101149709A CNA2007101676702A CN200710167670A CN101149709A CN 101149709 A CN101149709 A CN 101149709A CN A2007101676702 A CNA2007101676702 A CN A2007101676702A CN 200710167670 A CN200710167670 A CN 200710167670A CN 101149709 A CN101149709 A CN 101149709A
Authority
CN
China
Prior art keywords
data
key
predetermined
encrypted
xor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2007101676702A
Other languages
Chinese (zh)
Other versions
CN101149709B (en
Inventor
尹重喆
金盛铉
金圣贤
金相范
姜相旭
崔哲准
崔钟相
孙巾汉
姜秉润
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics Co Ltd filed Critical Samsung Electronics Co Ltd
Publication of CN101149709A publication Critical patent/CN101149709A/en
Application granted granted Critical
Publication of CN101149709B publication Critical patent/CN101149709B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/34Encoding or coding, e.g. Huffman coding or error correction

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

用于在存储卡的存储芯片中存储已加密数据的加密处理器包括:用于响应于第一信号连续输出预定的数据的FIFO存储器,以及用于响应于第二信号生成预先确定的已加密密钥并且响应于第三信号连续输出密钥的加密密钥生成器。为了连续加密预定的数据,在数据写入操作期间,逻辑运算器利用从所述加密密钥生成器输出的所述密钥对从所述FIFO存储器输出的所述预定的数据执行逻辑运算。为了连续解码所述预定的已加密数据,在数据读取操作期间,所述逻辑运算器利用从所述加密密钥生成器输出的所述密钥对从存储接口接收的已加密数据执行逻辑运算。所述第二信号与所述写入命令或读取命令中的一个同时生成。

Figure 200710167670

An encryption processor for storing encrypted data in a memory chip of a memory card includes a FIFO memory for continuously outputting predetermined data in response to a first signal, and generating a predetermined encrypted encryption key in response to a second signal. key and an encryption key generator that continuously outputs the key in response to the third signal. In order to continuously encrypt predetermined data, a logic operator performs a logic operation on the predetermined data output from the FIFO memory using the key output from the encryption key generator during a data writing operation. In order to continuously decode the predetermined encrypted data, during a data read operation, the logical operator performs a logical operation on the encrypted data received from the storage interface using the key output from the encryption key generator . The second signal is generated simultaneously with one of the write command or the read command.

Figure 200710167670

Description

It carries out the method for reading and writing data the encryption processor of storage card and use
The cross reference of related application
Require to submit on September 11st, 2006, application number is the right of priority of the korean patent application of 10-2006-0087665, its theme is incorporated herein with for referencial use.
Technical field
The present invention relates to storage card, and particularly, relate to the encryption processor of storage card and utilize described encryption processor to read and write the method for data.
Background technology
Storage card is used in and is used for reading writing information in the digital device.The example of digital device such as digital camera, PDA(Personal Digital Assistant), portable music player, mobile phone, personal computer etc.Storage card typically comprises two chips, as flash memory and control chip.For example, the flash memory that is embedded in recently in the conventional memory card has high relatively capacity storage capability.
Typically, storage card will be from the data storage of digital device in the unencrypted flash memory.But flash memory can by unloading, and described data can easily be intercepted by monitoring the bus between control chip and the flash memory.Correspondingly, control chip can comprise that encryption processor encrypts the described tentation data that will store flash memory into.
Typically, encryption processor is at first encrypted tentation data, and stores described predetermined enciphered data in the scheduled unit of first in first out (FIFO) storer.Error correcting code (ECC) value of the data that calculating is stored in described FIFO storer, and be stored to described flash memory.In addition, when the described predetermined encrypted data of decoding, flash interface reads described predetermined encrypted data from described flash memory, and stores described predetermined encrypted data into the FIFO storer.CPU (central processing unit) (CPU) reads described predetermined encrypted data and described predetermined encrypted data is delivered to internal storage from described FIFO storer, as random access storage device (RAM), Electrically Erasable Read Only Memory (EEPROM) or NOR flash memory.Here, the described predetermined encrypted data of described encryption processor decode stored in described internal storage, thus can obtain required data.But, typically described encryption processor long relatively time of cost when encrypting or decoding described data.In addition, CPU also can become overload.
Summary of the invention
One aspect of the present invention provides the encryption processor of storage card, is used for storing ciphered data at storage chip.Described encryption processor comprises: first in first out (FIFO) storer is used for the predetermined data of order output in response to first signal; And encryption key generator, be used for generating predetermined encryption key, and be used for exporting described key in response to the 3rd signal sequence in response to secondary signal.Logical-arithmetic unit during data write operation to from the predetermined data of described FIFO storer output and from the key actuating logic computing of described encryption key generator output, so that order is encrypted described predetermined data.Described predetermined encrypted data is sent to memory interface.In addition, in response to write command with write the address and generate described first signal, secondary signal and the 3rd signal, described secondary signal and write command generate control circuit simultaneously during data write operation.
Described encryption processor can comprise error detect circuit, its be used for when with described predetermined encrypted data when described logical-arithmetic unit sends to described memory interface, detect the mistake in the described predetermined encrypted data.Described error detect circuit can use error correcting code (ECC).Encryption key generator can use data encryption standards (DES).In addition, logical-arithmetic unit can be carried out the XOR computing, and described key can be the XOR key.Encryption key generator also can comprise: register is used to store the described predetermined XOR key of having encrypted; And XOR key FIFO storer, be used for the described predetermined XOR key of having encrypted that interim storage receives from described register, and be used in response to the predetermined XOR key of having encrypted of described the 3rd signal sequence output.
Described encryption key generator can receive at least one initialization key in response to secondary signal, to generate the XOR key of having encrypted.When described initialization key was identical, described encryption key generator can generate the identical XOR key of having encrypted.In addition, the described initialization key that is used to the to encrypt tentation data described predetermined encrypted data that is used to decode.Described encryption key generator can initially receive initialization key in response to secondary signal, generating an XOR key, and can receive at least one described predetermined XOR key of having encrypted to generate XOR key subsequently.The described initialization key that is used for encrypting described predetermined data can be stored in storer.
Another aspect of the present invention provides the encryption processor of storage card, is used for recovering to be stored in the encrypted data of storage chip, and described encryption processor comprises encryption key generator, logical-arithmetic unit and control circuit.Described encryption key generator generates key in response to first signal, and exports described key in response to the secondary signal order.Logical-arithmetic unit utilizes the predetermined encrypted data actuating logic computing of described key to sending from memory interface from described encryption key generator output, with the described predetermined encrypted data of decoding in proper order during data read operation.Control circuit generates described first signal and secondary signal in response to reading order and data read address during described data read operation, described first signal and described reading order generate simultaneously.
Another aspect of the present invention provides the encryption processor of storage card, and described storage card is stored ciphered data in storage chip.Described encryption processor comprises: the FIFO storer is used in response to the predetermined data of first signal sequence output; Encryption key generator is used for generating predetermined encryption key in response to secondary signal, and is used for exporting described key in response to the 3rd signal sequence.Described encryption processor also comprises logical-arithmetic unit, be used for during data write operation, utilization is encrypted described predetermined data and is sent it to memory interface with order from the described predetermined data actuating logic computing of described key to exporting from described FIFO storer of described encryption key generator output.Described logical-arithmetic unit is also during data read operation, utilization also sends to described FIFO storer with described decoded data from the described encrypted data actuating logic computing of described key to receiving from described memory interface of described encryption key generator output with the described predetermined encrypted data of decoding in proper order.Control circuit during data write operation in response to write command with write the address and generate described first signal, secondary signal and the 3rd signal, and during described data read operation in response to reading order with read the address and generate described secondary signal and the 3rd signal.Described secondary signal and one of said write order or described reading order generate simultaneously.Described storage chip can comprise flash memory, and described storage card comprises subscriber identity module (SIM) card.
Another aspect of the present invention provides and has utilized encryption key to write data and from its method that reads, described encryption key is used for the Code And Decode data to the storage chip of storage card respectively.Described method comprises: the signal that generates the data write command simultaneously and be used to generate the XOR key, and generate the described predetermined XOR key of having encrypted in response to the signal that is generated at least; Utilize the described predetermined XOR cipher key sequence of having encrypted that data are carried out the XOR computing, to obtain encrypted data; And described predetermined encrypted data is stored in the storage chip.Described method also comprises: the signal that generates data read command simultaneously and be used to generate the described XOR key of having encrypted, and generate the described predetermined XOR key of having encrypted in response to the signal that is generated at least; Read the described encrypted data of having stored from described storage chip; Utilize the described predetermined XOR key of having encrypted that described predetermined encrypted data is carried out the XOR computing in proper order, to obtain decoded data corresponding to described data; And described decoded data are sent to the interior arrangement of storage card or send to external device (ED).
Can in described storage card, generate the data write command and write the address, can in described storage card, generate data read command and the predetermined XOR key of having encrypted.Described predetermined encrypted data is stored in step on the described storage chip can comprises the data write command, write the address and described predetermined encrypted data sends to described storage card, and the step that reads the described encrypted data of having stored can comprise data read command and data read address are sent to described storage card.Can on storage chip, store described predetermined encrypted data according to data cell
Described method also can comprise: receive the initialization key that can store from the CPU (central processing unit) of described storage card; And when receiving described data write command and data read command, generate the described predetermined XOR key of having encrypted based on described initialization key.The described XOR key of having encrypted is in response to identical initialization key and generates, and the described identical initialization key that is used to the to encrypt predetermined data described encrypted data of having stored that can be used to decode.Described encryption key generator can no longer receive described initialization key after an XOR key that generates the described predetermined XOR key of having encrypted, but can be used as input and receive other XOR key of the described predetermined XOR key of having encrypted, to generate the XOR key of having encrypted continuously.The described predetermined XOR key of having encrypted can be stored among the XOR key FIFO of described encryption key generator.
Described storage chip to storage card writes data and also can comprise in response to receiving data write command and said write address from the method for its reading of data and to generate first control signal and second control signal.The step of described execution XOR computing can comprise then: in response to described first control signal from described FIFO storer output data; And the XOR key of being scheduled to from the described predetermined XOR key FIFO storer of having encrypted output in response to described second control signal of having encrypted.Described method also can comprise: when described predetermined encrypted data is sent to described storage chip, detect error in data; And calculate and storage corresponding to the error correction values of described predetermined encrypted data.
Can use the 2nd XOR key on second data, to carry out described XOR computing, obtaining second encrypted data, and use first encrypted data of an XOR secret key encryption to be stored on the described storage chip by memory interface.In addition, the step of the predetermined XOR key of having encrypted of described generation also comprises: according to described data read command and described data read address, the storage chip from described memory interface reads described predetermined encrypted data; And when the described predetermined encrypted data that sends from described memory interface, come the correction of data error of transmission according to the error correction values of being stored.
The step that reads predetermined encrypted data from described storage chip also can comprise: generate the 3rd control signal in response to receiving data read command and data read address, make the step of carrying out described XOR computing comprise:, to export described predetermined encrypted data from described memory interface in response to described the 3rd control signal; And, export the described predetermined XOR key of having encrypted from the described predetermined XOR key FIFO storer of having encrypted in response to described second control signal.Described decoded data can be stored in the described FIFO storer.
Description of drawings
To embodiments of the invention be described with reference to appended accompanying drawing, wherein:
Fig. 1 is the block diagram of the memory card system with encryption processor of example embodiment according to the present invention;
Fig. 2 is the block diagram of the encryption processor of example embodiment according to the present invention;
Fig. 3 is the block diagram of the encryption key generator of example embodiment according to the present invention;
Fig. 4 is the process flow diagram that the use encryption processor of diagram example embodiment according to the present invention writes the method for data;
Fig. 5 is example embodiment according to the present invention, the sequential chart of the flash memory when writing data and the operation in the encryption processor;
Fig. 6 is the process flow diagram of explanation method of the use encryption processor reading of data of example embodiment according to the present invention; And
Fig. 7 is example embodiment according to the present invention, the sequential chart of the flash memory when reading of data and the operation in the encryption processor.
Embodiment
The present invention, example embodiment of the present invention shown in the drawings will more intactly be described with reference to the accompanying drawings.Yet the present invention can implement with multiple different form, and should not be construed as and only be limited to illustrated embodiment.Be more suitable for ground, these embodiment provide as an example, in order to pass on design of the present invention to those skilled in the art.Correspondingly, some embodiments of the present invention are not described by known process, element and technology.In institute's drawings attached and the instructions write, identical Reference numeral will be used to indicate same or analogous element all the time.
Fig. 1 according to the present invention example embodiment, comprise the block diagram of the memory card system of encryption processor.Memory card system comprises storage card 10 and main frame 20.
Main frame 20 can be can with various device that storage card docks in any one, for example computer system, PDA, digital camera, mobile phone, card reader etc.Storage card 10 is electrically connected to main frame 20, and can be permanent connection or dismountable.Storage card 10 can be the storage card that has merged any type of flash memory, and for example, (CF) card, intelligent medium (SM) card, memory stick, multimedia card (MMC), secure digital (SD) card, subscriber identity module (SIM) card and analog are dodged in compression.Main frame 20 provides data to write, read and erase command to storage card 10, and according to the data address and the control signal of these orders.
Storage card 10 writes data to flash memory 200 in response to the correspondence order from main frame 20 or from its reading of data.With reference to figure 1, storage card 10 comprises control chip 100 and flash memory 200.Control chip 100 is controlled at Data Receiving and the transmission between main frame 20 and the flash memory 200.Control chip 100 comprises host interface 110, memory buffer 120, encryption processor 130, flash interface 140 and CPU (central processing unit) (CPU) 150.
Host interface 110 provides the interface between main frame 20 and the storage card 10.Host interface 110 receives order, address and control signal from main frame 20, and it is delivered to CPU 150.Described order can comprise and writes, reads and erase command.Host interface 110 can merge the interface with electrical connection according to multiple standards or standard, and such interface comprises for example personal computer memory card League of Nations (PCMCIA), USB (universal serial bus) (USB), gaming platform 2 (PS2) etc.
The data that memory buffer 120 storages will be written to flash memory 200 or read from flash memory 200.When writing data, memory buffer 120 receives from host interface 110 and writes data.For example, memory buffer 120 can be static RAM (SRAM).
Encryption processor 130 is encrypted the data that are stored in the memory buffer 120, and according to write operation predetermined encrypted data is delivered to flash interface 140.Encryption processor 130 is also deciphered the data that (decoding) reads from flash memory 200, and according to read operation with decrypted data delivery to memory buffer 120.
Dock between 140 pairs of control chips 100 of flash interface and the flash memory 200.Flash interface 140 sends to flash memory 200 with encryption processor 130 ciphered data during write operation.In addition, flash interface 140 will send to encryption processor 130 from the enciphered data that flash memory 200 reads during read operation.
CPU 150 is CPU (central processing unit), and the operation of control chip 100 is controlled.CPU150 comes main control system interface 110, memory buffer 120 and encryption processor 130 according to the order, address and the control signal that receive from host interface 110.
Fig. 2 is the block diagram of the encryption processor 130 of the example embodiment according to the present invention.With reference to figure 2, encryption processor 130 comprises control circuit 131, first in first out (FIFO) storer 132, encryption key generator 133, XOR (XOR) arithmetical unit 134 and error correction circuit (ECC) 135.
Control circuit 131 receives corresponding to data from CPU 150 and writes, reads order and address with erase operation, and generates control signal DFS, EES, XFS and FIS in response.Control circuit 131 is according to FIFO storer 132, encryption key generator 133 and the error correction circuit 135 of control signal DFS, EES, XFS and FIS control encryption processor 130, and flash interface 140.
FIFO storer 132 is memory devices, its be configured to with the identical order output data of input data (as, the data of input output earlier earlier).FIFO storer 132 is operated by the first in first out tabulation.
FIFO storer 132 comprises a plurality of m byte register (not shown).During write operation, FIFO storer 132 in response to from the control signal DFS of control circuit 131 and from buffering storer 120 receive continuously the m bytes data D1, D2 ....Then, FIFO storer 132 with data D1, the D2 of the m byte that received ... be sent to XOR arithmetical unit 134 continuously.During read operation, FIFO132 in response to from the control signal DFS of control circuit 131 from XOR arithmetical unit 134 receive continuously the m bytes data D1, D2 ..., and then with the m byte data D1, the D2 that are received ... send to memory buffer 120 continuously.Control circuit 131 from CPU 150 receive data to flash memory 200 write with data read command generating control signal DFS, and correspondingly control signal DFS is sent to FIFO storer 132.
Encryption key generator 133 is in response to the XOR key of control signal EES generation m byte, and it can be encrypted.More specifically, encryption key generator 133 from CPU 150 receive encryption key EK and main XOR key MK with generate a plurality of XOR key XK1, XK2 that encrypted ....When receiving identical encryption key EK from CPU 150 with identical main XOR key MK, encryption key generator 133 generate identical the XOR key XK1, the XK2 that have encrypted ....Encryption key generator 133 can comprise be used to store a plurality of XOR key XK1, XK2 ... the register (not shown).
Encryption key EK and main XOR key MK can generate by CPU 150 or additional initialization key (not shown).The encryption key EK and the main XOR key MK that are used to encrypt tentation data are used to decipher predetermined encrypted data with being equal to.In order to finish this, when encrypting described data, CPU 150 or the storage of initialization key maker (not shown) are delivered to the encryption key EK and the main XOR key MK of encryption key generator 133.When decoding the encrypted data of being scheduled to, CPU 150 or initialization key maker are sent encryption key EK in encryption key generator 133 and the main XOR key MK that is stored.In one embodiment, the initialization key maker can merge in the encryption key generator 133.
During data write operation, XOR arithmetical unit 134 utilize predetermined the XOR key XK1, the XK2 that have encrypted that encryption key generator 133 generates ..., predetermined data D1, the D2 that FIFO storer 132 is provided ... carry out the XOR computing continuously, with provide ciphered data ED1, ED2 ....XOR arithmetical unit 134 sends to flash interface 140 with the XOR operation result.Predetermined encrypted data ED1, the ED2 that causes by the XOR computing ... the equation 1 below satisfying, wherein " U " indicates the XOR computing:
D1?U?XK1=ED1
D2?U?XK2=ED2
...
Dm U XKm=EDm (equation 1)
During data read operation, XOR arithmetical unit 134 utilize predetermined the XOR key XK1, the XK2 that have encrypted that generate by encryption key generator 133 ..., to predetermined encrypted data ED1, the ED2 that provide by flash interface 140 ..., carry out the XOR computing.During data read operation, predetermined the XOR key XK1, the XK2 that have encrypted that generates from encryption key generator 133 ... with before be used for enciphered data D1, D2 ... predetermined the XOR key XK1, the XK2 that have encrypted ... identical.To be CPU 150 or initialization key maker send identical encryption key EK and main XOR key MK to reason during data write operation and data read operation.Correspondingly, the XOR operation result be decoded data D1, D2 ....According to the XOR computation performance, decoded data D1, D2 ... the equation 2 below satisfying:
ED1?U?XK1=(D1?U?XK1)U?XK1=D1
ED2?U?XK2=(D2?U?XK2)U?XK2=D2
...
EDm U XKm=(Dm U XKm) U XKm=Dm (equation 2)
Error correction circuit (ECC) 135 be connected between flash interface 140 and the XOR arithmetical unit 134 be corrected in transmit predetermined encrypted data ED1, ED2 ... the time contingent error of transmission.Error correction circuit 135 calculate predetermined encrypted data ED1, ED2 ... the error correction code value, and be stored to then in the flash interface 140.Error correction circuit 135 compares error correction code value and data during data read operation, with the correction of data error of transmission.
Yet, error correction circuit 135 can only detect when predetermined encrypted data ED1, ED2 ... the mistake when just being transmitted.In order to correct detected mistake, error correction circuit 135 memories predetermined encrypted data ED1, ED2 ... in error bit.Then, with predetermined the XOR key XK1, the XK2 that have encrypted ... to predetermined encrypted data ED1, ED2 ... carry out the XOR computing, with the decoding reading of data.Here, can determine decoded data D1 ', D2 ' ... (corresponding to initial data D1, D2 ...) have a mistake.In order to correct a mistake, CPU 150 receives to be designated from error correction circuit 135 has each wrong position, and be corrected in then decoded data D1 ', D2 ' ... in corresponding position.Corresponding position is carried out mistake according to the XOR computation performance and is changed from the logical zero to the logical one or from the logical one to the logical zero.
Encryption processor 130 provide simultaneously write with reading order and when write data to flash memory 200 and generate during from its reading of data the XOR key XK1, the XK2 that have encrypted that are scheduled to ....Predetermined the XOR key XK1, the XK2 that have encrypted that encryption processor 130 utilization generates during data write operation ... to predetermined data D1, D2 ... carry out the XOR computing, so as to send predetermined encrypted data ED1, ED2 ....In addition, identical the XOR key XK1, the XK2 that have encrypted that encryption processor 130 utilization is used during data write operation ... to predetermined encrypted data ED1, ED2 ... carry out the XOR computing, with decoding during data read operation predetermined encrypted data ED1, ED2 ....Decoded data are sent to memory buffer 120 then.Correspondingly, encrypt predetermined data D1, D2 ... and/or predetermined encrypted data ED1, the ED2 of decoding ... the required time has reduced than traditional method.
The storage card that utilizes the conventional cryptography processor as intermediate medium, comes memory buffer enciphered data or decodes ciphered data.Yet the encryption processor 130 of present embodiment does not need to be used for the memory buffer of the predetermined encrypted data of enciphered data or decoding.Therefore, the storage card of the encryption processor 130 of use present embodiment needs the task of less CPU 150 than traditional storage card.
Fig. 3 is the block diagram of the encryption key generator 133 of example embodiment, Fig. 2 according to the present invention.With reference to figure 3, encryption key generator 133 comprises multiplexer 136, crypto engine 137, XOR key register 138 and XOR key FIFO storer 139.
With reference to figure 3, encryption key generator 133 from CPU 150 receive encryption key EK and main XOR key MK with generate a plurality of XOR key XK1, XK2 ....
Multiplexer 136 select the main XOR key MK that sends from CPU 150 and the XOR key XK1, the XK2 that are generated ... in one.Selected key is offered crypto engine 137.Crypto engine 137 receives from the encryption key EK of CPU 150 and the key of sending from multiplexer 136, and generate predetermined the XOR key XK1, the XK2 that have encrypted continuously ....The storing predetermined XOR key XK1, the XK2 that have encrypted of XOR register 138 ..., it is generated by crypto engine 137.
In an embodiment, crypto engine 137 for example can use data encryption standards (DES), with generate XOR key XK1, the XK2 encrypted ....DES is the Encryption Tool by the IBM exploitation, and is the public encryption system that was adopted by NBS in 1974.The DES algorithm comprises displacement (permutation), replacement and modulo operation.Key is depended in the security of public encryption system fully.That is, if there is not key, then ciphered data can't be decoded as primary data, even and when predetermined encrypted data and primary data exist, can not determine key.In field of encryption, used unidirectional (one-way) function, that is, and Hamming (hamming) function.In one-way function, the y among the y=f (x) can easily obtain by x, but x can not obtain by y.That is to say that predetermined encrypted data can utilize key to obtain from primary data, if but there is not key, then can not obtain primary data from predetermined encrypted data.
Predetermined 139 pairs of the XOR key FIFO storeies of having encrypted be stored in predetermined the XOR key XK1, the XK2 that have encrypted in the XOR register 138 ... store temporarily.The XOR key XK1, the XK2 that have encrypted that the predetermined XOR key FIFO storer of having encrypted 139 will be scheduled in response to control signal XFS ... be sent to XOR arithmetical unit 134 continuously.
Fig. 4 is the process flow diagram that the use encryption processor 130 of diagram example embodiment according to the present invention writes the method for data.Fig. 5 is the sequential chart of the respective operations in flash memory 200 and the encryption processor 130 when writing data.Fig. 5 indicated in encryption processor 130 with known pin on the relevant operation of demonstration signaling, described signaling for example control pin command latch enable (CLE), address latch enable (ALE), chip enable (/CE), write and enable (/WE) and read to enable (/RE), and data I/O pin (I/Ox).With reference to Figure 4 and 5, the method that flash memory is write data is as follows.
At step S10, generate data write command and XOR key, it can generate simultaneously.Particularly, during data write operation, CPU 150 sends data write command and address to the control circuit 131 of encryption processor 130.CPU 150 makes that also the data that will be written to flash memory 200 send to memory buffer 120 from host interface 110.The data that are stored in the memory buffer 120 are sent out and store into the FIFO storer 132 that it is stored in then, as store in the predetermined unit.In addition, CPU 150 sends to encryption key generator 133 with key EK and MK, and it is used to encrypt the predetermined data that will be written to flash memory 200.CPU 150 can store key EK and the MK that is sent into the register (not shown).In response to sending, utilize key EK and MK to generate the predetermined XOR key of having encrypted from the control signal EES that controls circuit 131.Can with the write command EES that side by side generates and/or transmit control signal.
The encryption key generator 133 that receives key EK and MK from CPU 150 generate XOR key XK1, XK2 ....With reference to figure 5, the predetermined XOR key XK1, the XK2 that have encrypted ... in each step, generate, and can be scheduled.With reference to figure 5, before the address is sent to flash memory 200, encryption key generator 133 generate XOR key XK1 ..., XKn.The XOR key XK1 that is generated ..., XKn is stored in the predetermined XOR key FIFO storer of having encrypted 139 of encryption key generator 133.
At this moment, XOR arithmetical unit 134 in response to control signal DFS from FIFO storer 132 receive previously stored data D1 ..., Dn, and in response to control signal XFS from the predetermined XOR key FIFO storer of having encrypted 139 receive previously stored XOR key XK1 ..., XKn.Then, specified as the step S12 of Fig. 4, XOR arithmetical unit 134 utilize the predetermined XOR key XK1 that has encrypted ..., XKn to predetermined data D1 ..., Dn carries out the XOR computing, with generate ciphered data ED1 ..., EDn.In response to control signal FIS, in step S14 with predetermined encrypted data ED1 ..., EDn stores flash memory 200 into.
With reference to figure 5, encrypted data ED1 that will be predetermined ..., when EDn stores flash memory 200 into, the encryption key generator 133 of encryption processor 130 generate XOR key XK (n+1) ..., XK (2n), it is stored in the predetermined XOR key FIFO storer of having encrypted 139.XOR arithmetical unit 134 utilize the predetermined XOR key XK (n+1) that has encrypted ..., XK (2n) to predetermined data D (n+1) ..., D (2n) carries out the XOR computing, with generate predetermined encrypted data ED (n+1) ..., ED (2n).
Similarly, the encrypted data ED (n+1) that will be generated ..., when ED (2n) stores in the flash memory 200, encryption key generator 133 generate XOR key XK (2n+1) ..., XK (3n), it is stored in the predetermined XOR key FIFO storer of having encrypted 139.XOR arithmetical unit 134 utilize then the predetermined XOR key XK (2n+1) that has encrypted ..., XK (3n) to predetermined data D (2n+1) ..., D (3n) carries out the XOR computing, with generate encrypted data ED (2n+1) ..., ED (3n).
Refer again to Fig. 5, encrypted and be sent to (or afterwards) when storing in the flash memory 200 when data set, generate continuous a plurality of XOR keysets.Yet the present invention is not restricted to this embodiment.Encryption key generator 133 can generate a plurality of XOR keysets during the data write command, and then they is stored into the predetermined XOR key FIFO storer of having encrypted 139.
As above, in the step S12 of Fig. 4, utilize predetermined XOR key that data are carried out the XOR computing.More specifically, control circuit 131 generates control signal DFS and XFS, and it is sent to the FIFO storer 132 and the predetermined XOR key FIFO storer of having encrypted 139 of key generator 133 respectively.In response to control signal DFS, FIFO storer 132 sends to XOR arithmetical unit 134 with previously stored data.In response to control signal XFS, the predetermined XOR key FIFO storer of having encrypted 139 sends to XOR arithmetical unit 134 with previous stored XOR key.XOR arithmetical unit 134 utilizes the predetermined XOR key of having encrypted that predetermined data are carried out the XOR computing to generate predetermined encrypted data.
In step S14, predetermined encrypted data ED1, ED2 ... be stored in flash memory 200.Flash memory 200 among Fig. 1 is shown as with control chip 100 and separates, but the present invention is not restricted to this configuration.For example, storage card 10 can comprise control chip 100 and flash memory 200 on a chip, and does not break away from the spirit and scope of the present invention.
Fig. 6 is the process flow diagram of diagram method of use encryption processor 130 reading of data of example embodiment according to the present invention.Fig. 7 is the sequential chart of respective operations in flash memory and the encryption processor 130 when reading of data.With reference to figure 6 and 7, as follows from the method for flash memory 200 reading of data.
In step S20, generation data read command and XOR key XK1, XK2 ..., it can generate simultaneously.During data read operation, CPU 150 sends to control circuit 131 with data read command and address.CPU 150 sends to encryption key generator 133 with key EK and MK, and it is used to encrypt predetermined data.Correspondingly, be used for encrypted secret key EK and the MK ciphered data that is used to decode.Encryption key generator 133 receives encryption key EK and main XOR key MK from CPU 150, with generate a plurality of XOR key XK1, XK2 ....Can utilize key EK and MK to generate the predetermined XOR key of having encrypted in response to sending from the control signal EES that controls circuit 131.Can with the data read command EES that side by side generates and/or transmit control signal.
With reference to figure 7, the input data read command after, have time enough with generate predetermined the XOR key XK1, the XK2 that have encrypted ..., be read up to data.XOR key XK1, the XK2 that is generated ... be stored in the predetermined XOR key FIFO storer of having encrypted 139.
At step S22, utilize predetermined XOR key that predetermined encrypted data is carried out the XOR computing, to decode.A data read command and an address that control circuit 131 receives from CPU 150 are to generate control signal FIS and XFS.In response to control signal FIS, as shown in Figure 7, flash interface 140 with predetermined encrypted data ED1, ED2 ... be sent to XOR arithmetical unit 134 continuously.Further, in response to control signal XFS, be stored in predetermined XOR key XK1, XK2 in the predetermined XOR key FIFO storer of having encrypted 139 ... be sent to XOR arithmetical unit 134 continuously.XOR arithmetical unit 134 utilize predetermined the XOR key XK1, the XK2 that have encrypted ... to predetermined encrypted data ED1, ED2 ... carry out the XOR computing, with decode encrypted data ED1, ED2 predetermined ..., thereby obtain decoded data D1, D2 ....Decoded data D1, D2 ... be sent to FIFO storer 132.
In the step S24 of Fig. 6, decoded data D1, D2 ... be sent to the internal module of external device (ED) (for example main frame 20) or control chip 100.At step S22, CPU 150 makes the data that will be stored in the FIFO storer 132 send to memory buffer 120.The data that are sent to memory buffer 120 may be transmitted by CPU 150, and then are sent to external device (ED).
According to encryption processor and utilize encryption processor of the present invention to write method with reading of data, with respect to traditional method, write with reading of data in generate the XOR key, so data can be by fast encrypt or deciphering.In addition, CPU will carry out less task.
Though described the present invention with reference to example embodiment, obviously can carry out multiple change and modification to one skilled in the art, and not free the spirit and scope of the present invention.Therefore, should be appreciated that the foregoing description be not used in the restriction and only be illustrative.

Claims (34)

1.一种存储卡的加密处理器,该存储卡用于在存储芯片中存储已加密的数据,所述加密处理器包括:1. An encryption processor of a memory card, the memory card is used to store encrypted data in a memory chip, and the encryption processor comprises: 先进先出(FIFO)存储器,用于响应于第一信号而顺序输出预定的数据;a first-in-first-out (FIFO) memory for sequentially outputting predetermined data in response to the first signal; 加密密钥生成器,用于响应于第二信号而生成预定的已加密密钥,并用于响应于第三信号顺序输出所述预定的已加密密钥;an encryption key generator for generating a predetermined encrypted key in response to the second signal, and for sequentially outputting the predetermined encrypted key in response to the third signal; 逻辑运算器,用于在数据写入操作期间对从所述FIFO存储器输出的预定的数据以及从所述加密密钥生成器输出的预定的已加密密钥执行逻辑运算,以便顺序加密所述预定的数据,所述预定的已加密数据被发送到存储器接口;以及a logic operator for performing a logic operation on predetermined data output from said FIFO memory and a predetermined encrypted key output from said encryption key generator during a data write operation, so as to sequentially encrypt said predetermined data, the predetermined encrypted data is sent to the memory interface; and 控制电路,用于在数据写入操作期间响应于写入命令和写入地址而生成所述第一信号、第二信号和第三信号,所述第二信号和写入命令同时生成。A control circuit for generating the first, second and third signals in response to a write command and a write address during a data write operation, the second signal and the write command being generated simultaneously. 2.如权利要求1所述的加密处理器,还包括:2. The encryption processor of claim 1, further comprising: 错误检测电路,当将所述预定的已加密数据从所述逻辑运算器发送到所述存储器接口时,检测所述预定的已加密数据中的错误。An error detection circuit detects an error in the predetermined encrypted data when the predetermined encrypted data is sent from the logic operator to the memory interface. 3.如权利要求2所述的加密处理器,其中所述错误检测电路使用纠错码(ECC)。3. The encryption processor of claim 2, wherein the error detection circuit uses an error correction code (ECC). 4.如权利要求1所述的加密处理器,其中所述加密密钥生成器使用数据加密标准(DES)。4. The encryption processor of claim 1, wherein the encryption key generator uses Data Encryption Standard (DES). 5.如权利要求4所述的加密处理器,其中所述逻辑运算器执行XOR运算,并且所述密钥包括XOR密钥。5. The cryptographic processor of claim 4, wherein the logic operator performs an XOR operation, and the key comprises an XOR key. 6.如权利要求5所述的加密处理器,其中所述加密密钥生成器响应于所述第二信号接收至少一个初始化密钥,以生成已加密的XOR密钥。6. The encryption processor of claim 5, wherein the encryption key generator receives at least one initialization key in response to the second signal to generate an encrypted XOR key. 7.如权利要求6所述的加密处理器,其中当所述至少一个初始化密钥相同时,所述加密密钥生成器生成相同的已加密的XOR密钥。7. The encryption processor of claim 6, wherein the encryption key generator generates the same encrypted XOR key when the at least one initialization key is the same. 8.如权利要求7所述的加密处理器,其中用于加密预定数据的所述至少一个初始化密钥被用于解码所述预定的已加密数据。8. The encryption processor of claim 7, wherein said at least one initialization key used to encrypt predetermined data is used to decode said predetermined encrypted data. 9.如权利要求8所述的加密处理器,还包括:9. The cryptographic processor of claim 8, further comprising: 存储器,用于存储用于加密所述预定的数据的所述初始化密钥。a memory for storing the initialization key used to encrypt the predetermined data. 10.如权利要求6所述的加密处理器,其中所述加密密钥生成器响应于第二信号初始地接收至少一个初始化密钥,以生成第一预定的已加密的XOR密钥,并且接收至少一个所述预定的已加密的XOR密钥以生成随后的预定的已加密的XOR密钥。10. The encryption processor of claim 6, wherein said encryption key generator initially receives at least one initialization key in response to a second signal to generate a first predetermined encrypted XOR key, and receives at least one of said predetermined encrypted XOR keys to generate subsequent predetermined encrypted XOR keys. 11.如权利要求10所述的加密处理器,其中所述加密密钥生成器包括:11. The encryption processor of claim 10, wherein the encryption key generator comprises: 寄存器,用于存储所述预定的已加密的XOR密钥;以及a register for storing said predetermined encrypted XOR key; and XOR密钥FIFO存储器,用于临时存储从所述寄存器接收的所述预定的已加密的XOR密钥,以及用于响应于所述第三信号顺序输出预定的已加密的XOR密钥。an XOR key FIFO memory for temporarily storing the predetermined encrypted XOR key received from the register, and for sequentially outputting the predetermined encrypted XOR key in response to the third signal. 12.一种存储卡的加密处理器,用于恢复存储在存储芯片中的已加密数据,所述加密处理器包括:12. An encryption processor of a memory card, used to restore encrypted data stored in a memory chip, said encryption processor comprising: 加密密钥生成器,用于响应于第一信号生成预定的已加密密钥,以及响应于第二信号顺序输出所述预定的已加密密钥;an encryption key generator for generating a predetermined encrypted key in response to the first signal, and sequentially outputting the predetermined encrypted key in response to the second signal; 逻辑运算器,用于在数据读取操作期间利用从所述加密密钥生成器输出的所述预定的已加密密钥对从存储器接口发送的预定的已加密数据执行逻辑运算,以顺序解码所述预定的已加密数据;以及a logic operator for performing a logic operation on predetermined encrypted data sent from the memory interface using the predetermined encrypted key output from the encryption key generator during a data read operation to sequentially decode the encrypted data the predetermined encrypted data; and 控制电路,用于在所述数据读取操作期间响应于读取命令和数据读取地址来生成所述第一信号和第二信号,所述第一信号和所述读取命令同时生成。A control circuit for generating the first signal and the second signal in response to a read command and a data read address during the data read operation, the first signal and the read command being generated simultaneously. 13.一种存储卡的加密处理器,所述存储卡在存储芯片中存储已加密的数据,所述加密处理器包括:13. An encryption processor of a memory card, the memory card stores encrypted data in a memory chip, the encryption processor comprises: FIFO存储器,用于响应于第一信号顺序输出预定的数据;a FIFO memory for sequentially outputting predetermined data in response to the first signal; 加密密钥生成器,用于响应于第二信号生成预定的已加密密钥,以及用于响应于第三信号顺序输出所述预定的已加密密钥;an encryption key generator for generating a predetermined encrypted key in response to the second signal, and for sequentially outputting the predetermined encrypted key in response to the third signal; 逻辑运算器,用于在数据写入操作期间,利用从所述加密密钥生成器输出的所述预定的已加密密钥对从所述FIFO存储器输出的所述预定的数据执行逻辑运算,以顺序加密所述预定的数据并将其发送到存储器接口;以及在数据读取操作期间,利用从所述加密密钥生成器输出的所述预定的已加密密钥对从所述存储器接口接收的所述预定的已加密数据执行逻辑运算,以顺序解码所述预定的已加密数据并将所述已解码的数据发送到所述FIFO存储器;以及a logical operator for performing a logical operation on the predetermined data output from the FIFO memory using the predetermined encrypted key output from the encryption key generator during a data write operation, to sequentially encrypting said predetermined data and sending it to a memory interface; and during a data read operation, utilizing said predetermined encrypted key pair output from said encryption key generator to receive from said memory interface performing a logical operation on the predetermined encrypted data to sequentially decode the predetermined encrypted data and send the decoded data to the FIFO memory; and 控制电路,用于在数据写入操作期间响应于写入命令和写入地址而生成所述第一信号、第二信号和第三信号,并且在所述数据读取操作期间响应于读取命令和读取地址生成所述第二信号和第三信号,所述第二信号与所述写入命令或者所述读取命令之一同时生成。a control circuit for generating said first signal, second signal and third signal in response to a write command and a write address during a data write operation, and in response to a read command during said data read operation and read address to generate the second signal and the third signal, the second signal is generated simultaneously with one of the write command or the read command. 14.如权利要求1所述的加密处理器,其中所述存储芯片包括闪存。14. The cryptographic processor of claim 1, wherein the memory chip comprises flash memory. 15.如权利要求1所述的加密处理器,其中所述存储卡包括订户身份模块(SIM)卡。15. The cryptographic processor of claim 1, wherein the memory card comprises a Subscriber Identity Module (SIM) card. 16.一种分别利用加密密钥向存储卡的存储芯片写入数据并从其读取的方法,所述加密密钥用于编码和解码数据,所述方法包括:16. A method of writing data to and reading data from a memory chip of a memory card using, respectively, an encryption key for encoding and decoding data, the method comprising: 同时生成数据写入命令以及用于生成XOR密钥的信号,以及至少响应于所生成的信号而生成所述预定的已加密的XOR密钥;simultaneously generating a data write command and a signal for generating an XOR key, and generating said predetermined encrypted XOR key in response to at least the generated signal; 利用所述预定的已加密的XOR密钥顺序对预定的数据执行XOR运算,以获得已加密数据;performing an XOR operation on predetermined data sequentially using said predetermined encrypted XOR key to obtain encrypted data; 将所述预定的已加密数据存储在存储芯片中;storing the predetermined encrypted data in a memory chip; 同时生成数据读取命令以及用于生成所述预定的已加密的XOR密钥的信号,以及至少响应于所生成的信号而生成所述预定的已加密的XOR密钥;simultaneously generating a data read command and a signal for generating said predetermined encrypted XOR key, and generating said predetermined encrypted XOR key in response to at least the generated signal; 从所述存储芯片读取所述预定的已存储的已加密数据;reading the predetermined stored encrypted data from the memory chip; 利用所述预定的已加密的XOR密钥对所述预定的已加密数据顺序执行XOR运算,以获得对应于所述数据的已解码数据;以及sequentially performing an XOR operation on said predetermined encrypted data using said predetermined encrypted XOR key to obtain decoded data corresponding to said data; and 将所述预定的已解码的数据发送到存储卡的内部装置或者发送到外部装置之一。The predetermined decoded data is sent to an internal device of the memory card or to one of external devices. 17.如权利要求16所述的方法,其中将所述预定的已加密数据存储在存储芯片上的步骤包括:17. The method of claim 16, wherein the step of storing the predetermined encrypted data on a memory chip comprises: 在所述存储卡中生成数据写入命令和写入地址。A data write command and a write address are generated in the memory card. 18.如权利要求16所述的方法,其中生成所述数据读取命令和所述预定的已加密的XOR密钥的步骤包括在所述存储卡上生成数据读取命令和数据读取地址。18. The method of claim 16, wherein generating the data read command and the predetermined encrypted XOR key comprises generating a data read command and a data read address on the memory card. 19.如权利要求16所述的方法,其中将所述预定的已加密数据存储在所述存储芯片上的步骤包括将数据写入命令、写入地址和所述预定的已加密数据发送到所述存储卡,以及其中读取所述已存储的已加密数据的步骤包括将数据读取命令和数据读取地址发送到所述存储卡。19. The method of claim 16, wherein the step of storing the predetermined encrypted data on the memory chip comprises sending a data write command, a write address, and the predetermined encrypted data to the The above memory card, and wherein the step of reading the stored encrypted data includes sending a data read command and a data read address to the memory card. 20.如权利要求19所述的方法,其中在所述存储芯片上存储预定的已加密数据的步骤包括按照数据单元来存储所述预定的已加密数据。20. The method of claim 19, wherein storing predetermined encrypted data on the memory chip includes storing the predetermined encrypted data in units of data. 21.如权利要求20所述的方法,还包括:21. The method of claim 20, further comprising: 将所述预定的数据存储在所述存储卡的FIFO存储器中。storing the predetermined data in the FIFO memory of the memory card. 22.如权利要求21所述的方法,还包括:22. The method of claim 21, further comprising: 从所述存储卡的中央处理单元接收初始化密钥;以及receiving an initialization key from a central processing unit of the memory card; and 当收到所述数据写入命令和数据读取命令时,基于所述初始化密钥来生成所述预定的XOR密钥。When the data write command and the data read command are received, the predetermined XOR key is generated based on the initialization key. 23.如权利要求22所述的方法,其中所述相同的已加密的XOR密钥是响应于所述相同的初始化密钥而生成的。23. The method of claim 22, wherein the same encrypted XOR key is generated in response to the same initialization key. 24.如权利要求23所述的方法,其中用于加密预定的数据的所述初始化密钥被用于解码所述预定的已存储的已加密数据。24. The method of claim 23, wherein said initialization key used to encrypt predetermined data is used to decode said predetermined stored encrypted data. 25.如权利要求24所述的方法,还包括:25. The method of claim 24, further comprising: 存储所述初始化密钥。The initialization key is stored. 26.如权利要求24所述的方法,其中所述加密密钥生成器在生成所述预定的已加密的XOR密钥的第一预定的已加密的XOR密钥之后不再接收所述初始化密钥,以及作为输入而接收所述预定的已加密的XOR密钥的其它预定的已加密的XOR密钥,以连续地生成预定的已加密的XOR密钥。26. The method of claim 24, wherein the encryption key generator no longer receives the initialization key after generating a first predetermined encrypted XOR key of the predetermined encrypted XOR keys. key, and other predetermined encrypted XOR keys receiving said predetermined encrypted XOR key as input to continuously generate predetermined encrypted XOR keys. 27.如权利要求26所述的方法,还包括:27. The method of claim 26, further comprising: 将所述预定的已加密的XOR密钥存储到所述加密密钥生成器的XOR密钥FIFO中。storing the predetermined encrypted XOR key into the XOR key FIFO of the encryption key generator. 28.如权利要求27所述的方法,还包括:28. The method of claim 27, further comprising: 响应于接收到数据写入命令和所述写入地址,生成第一控制信号和第二控制信号,generating a first control signal and a second control signal in response to receiving a data write command and the write address, 其中所述执行XOR运算的步骤包括:Wherein the steps of performing the XOR operation include: 响应于所述第一控制信号而从所述FIFO存储器输出预定的数据;以及outputting predetermined data from the FIFO memory in response to the first control signal; and 响应于所述第二控制信号而从所述预定的已加密的XOR密钥FIFO存储器输出预定的已加密的XOR密钥。A predetermined encrypted XOR key is output from the predetermined encrypted XOR key FIFO memory in response to the second control signal. 29.如权利要求28所述的方法,还包括:29. The method of claim 28, further comprising: 当将所述预定的已加密数据传送到所述存储芯片时,检测数据错误;以及detecting a data error when transferring the predetermined encrypted data to the memory chip; and 计算并存储对应于所述预定的已加密数据的纠错值。An error correction value corresponding to the predetermined encrypted data is calculated and stored. 30.如权利要求29所述的方法,其中所述XOR运算是使用第二预定的已加密的XOR密钥而对第二预定的数据执行的,以获得第二预定的已加密数据,而使用第一预定的已加密的XOR密钥加密的第一预定的已加密数据被通过存储器接口而存储在所述存储芯片上。30. The method of claim 29, wherein the XOR operation is performed on the second predetermined data using a second predetermined encrypted XOR key to obtain the second predetermined encrypted data using First predetermined encrypted data encrypted by a first predetermined encrypted XOR key is stored on the memory chip through a memory interface. 31.如权利要求30所述的方法,其中所述生成预定的已加密的XOR密钥的步骤还包括:31. The method of claim 30, wherein said step of generating a predetermined encrypted XOR key further comprises: 根据所述数据读取命令和所述数据读取地址,在所述存储器接口中从存储芯片读取所述预定的已加密数据。The predetermined encrypted data is read from the memory chip in the memory interface according to the data read command and the data read address. 32.如权利要求31所述的方法,其中从所述存储芯片读取所述预定的已加密数据的步骤还包括:32. The method of claim 31 , wherein the step of reading the predetermined encrypted data from the memory chip further comprises: 当传送来自所述存储器接口的所述预定的已加密数据时,根据所存储的纠错值来纠正数据传输错误。When transmitting the predetermined encrypted data from the memory interface, data transmission errors are corrected according to the stored error correction value. 33.如权利要求32所述的方法,其中从所述存储芯片读取所述预定的已加密数据的步骤还包括:33. The method of claim 32, wherein the step of reading the predetermined encrypted data from the memory chip further comprises: 响应于接收到数据读取命令和数据读取地址来生成第三控制信号,generating a third control signal in response to receiving a data read command and a data read address, 其中执行所述XOR运算的步骤包括:Wherein the steps of performing the XOR operation include: 响应于所述第三控制信号,从所述存储器接口输出所述预定的已加密数据;以及outputting the predetermined encrypted data from the memory interface in response to the third control signal; and 响应于所述第二控制信号,从所述预定的已加密的XOR密钥FIFO存储器输出所述预定的已加密的XOR密钥。The predetermined encrypted XOR key is output from the predetermined encrypted XOR key FIFO memory in response to the second control signal. 34.如权利要求33所述的方法,其中所述传输已解码的数据的步骤还包括将所述预定的已解码数据存储在所述FIFO存储器中。34. The method of claim 33, wherein said step of transmitting decoded data further comprises storing said predetermined decoded data in said FIFO memory.
CN2007101676702A 2006-09-11 2007-09-11 Encryption processor of memory card and method for reading and writing data using it Active CN101149709B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020060087665A KR100836758B1 (en) 2006-09-11 2006-09-11 Encryption apparatus of memory card and data writing and reading method thereof
KR87665/06 2006-09-11

Publications (2)

Publication Number Publication Date
CN101149709A true CN101149709A (en) 2008-03-26
CN101149709B CN101149709B (en) 2011-07-06

Family

ID=39134666

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2007101676702A Active CN101149709B (en) 2006-09-11 2007-09-11 Encryption processor of memory card and method for reading and writing data using it

Country Status (4)

Country Link
US (2) US8054972B2 (en)
KR (1) KR100836758B1 (en)
CN (1) CN101149709B (en)
DE (1) DE102007044330B4 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101510245B (en) * 2009-03-06 2011-08-03 同方股份有限公司 High-speed encryption and decryption USB bridge chip and chip high-speed encryption and decryption method
CN110298181A (en) * 2019-05-14 2019-10-01 北京航空航天大学 Data encryption storage method, data decryption method and encrypted memory chip
CN111771353A (en) * 2018-02-16 2020-10-13 北欧半导体公司 Protecting encryption key data
CN114996725A (en) * 2022-05-06 2022-09-02 北京中科昊芯科技有限公司 Method for protecting development program and processor

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101537018B1 (en) * 2008-10-01 2015-07-17 삼성전자주식회사 Secure Memory Interface, System and Smart Card Including the same
US8291218B2 (en) * 2008-12-02 2012-10-16 International Business Machines Corporation Creating and using secure communications channels for virtual universes
JP5272751B2 (en) * 2009-01-26 2013-08-28 富士通セミコンダクター株式会社 Processor
KR20100133184A (en) * 2009-06-11 2010-12-21 삼성전자주식회사 Solid state drive unit
US8526363B2 (en) * 2010-01-13 2013-09-03 Sony Corporation Method and system for transferring data between wireless devices
US8958550B2 (en) * 2011-09-13 2015-02-17 Combined Conditional Access Development & Support. LLC (CCAD) Encryption operation with real data rounds, dummy data rounds, and delay periods
KR101363161B1 (en) * 2011-11-04 2014-02-13 주식회사 엘지씨엔에스 System for managing sharing
US9449169B2 (en) * 2012-03-26 2016-09-20 Vmware, Inc. Block storage virtualization on commodity secure digital cards
CA2955144C (en) 2014-07-16 2019-06-11 Bae Systems Information And Electronic Systems Integration, Inc. Flash memory device for storing sensitive information and other data
US10387662B2 (en) * 2014-07-16 2019-08-20 Jeffrey B. Canter Flash memory device for storing sensitive information and other data
JP6941971B2 (en) * 2017-05-15 2021-09-29 ラピスセミコンダクタ株式会社 Semiconductor storage device, memory controller and memory monitoring method
FR3074936B1 (en) * 2017-12-11 2020-08-14 Stmicroelectronics (Grenoble 2) Sas PROCESS FOR WRITING A SET OF INFORMATION, FOR EXAMPLE A PROGRAM CODE, ENCRYPTED IN AN EXTERNAL MEMORY OF AN INTEGRATED CIRCUIT AND CORRESPONDING INTEGRATED CIRCUIT
KR102588600B1 (en) 2018-11-12 2023-10-16 에스케이하이닉스 주식회사 Data Storage Device and Operation Method Thereof, Storage System Having the Same
KR102172267B1 (en) 2018-12-14 2020-10-30 한국기초과학지원연구원 Epigallocatechin gallate dimer, Preparing method thereof and Cosmetic composition using the same
US11838402B2 (en) 2019-03-13 2023-12-05 The Research Foundation For The State University Of New York Ultra low power core for lightweight encryption

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH113284A (en) 1997-06-10 1999-01-06 Mitsubishi Electric Corp Information storage medium and security method thereof
KR100596939B1 (en) * 1997-10-23 2006-07-07 시게이트 테크놀로지 엘엘씨 Alternate Randomization of Even / Odd Data Tracks
US20020044651A1 (en) 2000-05-16 2002-04-18 Tuvell Walter E. Method and apparatus for improving the security of cryptographic ciphers
JP2002328845A (en) * 2001-05-07 2002-11-15 Fujitsu Ltd Semiconductor integrated circuit and IC card security protection method
JP2003256282A (en) * 2002-02-28 2003-09-10 Matsushita Electric Ind Co Ltd Memory card
TWI227395B (en) 2003-06-02 2005-02-01 Genesys Logic Inc Method for parallel processing of memory data and error correction code and related device thereof
WO2005004382A1 (en) 2003-07-08 2005-01-13 Fujitsu Limited Encryption/decryption device
DE60321783D1 (en) * 2003-07-24 2008-08-07 Hitachi Ltd Error correction for cryptographic keys
DE10345385B4 (en) * 2003-09-30 2005-10-06 Infineon Technologies Ag Decryption or encryption when writing to a memory
CN100356342C (en) * 2003-11-18 2007-12-19 株式会社瑞萨科技 Information processing unit
CN1632828A (en) * 2003-12-24 2005-06-29 劲永国际股份有限公司 A USB interface data processing card for data encryption protection
EP1587037A1 (en) 2004-03-16 2005-10-19 Infineon Technologies AG Method and system for storing and accessing data
KR20050115151A (en) * 2004-06-03 2005-12-07 삼성전자주식회사 Memory card capable of storing security data and operating method of memory card
JP2006023957A (en) 2004-07-07 2006-01-26 Sony Corp Semiconductor integrated circuit and information processor
US7602905B2 (en) * 2004-09-01 2009-10-13 Texas Instruments Incorporated Processes, circuits, devices, and systems for encryption and decryption and other purposes, and processes of making
TW200616405A (en) * 2004-09-30 2006-05-16 Synaptic Lab Ltd Method of and apparatus for partitioning of a bitstream
US7184327B2 (en) * 2005-04-14 2007-02-27 Micron Technology, Inc. System and method for enhanced mode register definitions
DE102005028221B4 (en) * 2005-06-17 2007-10-11 Infineon Technologies Ag Device and method for protecting the integrity of data
US7437500B2 (en) * 2005-08-05 2008-10-14 Lsi Corporation Configurable high-speed memory interface subsystem

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101510245B (en) * 2009-03-06 2011-08-03 同方股份有限公司 High-speed encryption and decryption USB bridge chip and chip high-speed encryption and decryption method
CN111771353A (en) * 2018-02-16 2020-10-13 北欧半导体公司 Protecting encryption key data
CN111771353B (en) * 2018-02-16 2024-06-04 北欧半导体公司 Protecting encryption key data
CN110298181A (en) * 2019-05-14 2019-10-01 北京航空航天大学 Data encryption storage method, data decryption method and encrypted memory chip
CN114996725A (en) * 2022-05-06 2022-09-02 北京中科昊芯科技有限公司 Method for protecting development program and processor

Also Published As

Publication number Publication date
KR100836758B1 (en) 2008-06-10
DE102007044330A1 (en) 2008-04-03
US20120005488A1 (en) 2012-01-05
US20080075279A1 (en) 2008-03-27
US8054972B2 (en) 2011-11-08
DE102007044330B4 (en) 2024-11-14
CN101149709B (en) 2011-07-06
KR20080023595A (en) 2008-03-14

Similar Documents

Publication Publication Date Title
CN101149709A (en) Encryption processor of memory card and method for reading and writing data using it
CN106470102B (en) Cryptographic device, storage device with cryptographic device, and encryption and decryption methods thereof
US20090125726A1 (en) Method and Apparatus of Providing the Security and Error Correction Capability for Memory Storage Devices
CN102138300B (en) Application of message authentication code precomputation in secure memory
US9418246B2 (en) Decryption systems and related methods for on-the-fly decryption within integrated circuits
US9544138B2 (en) Authenticator, authenticatee and authentication method
CN111082925B (en) Embedded system encryption protection device and method based on AES algorithm and PUF technology
US9160534B2 (en) Authenticator, authenticatee and authentication method
US20090316899A1 (en) Encryption/decryption device and security storage device
US9191210B2 (en) Authenticator, authenticatee and authentication method
JP2010509690A (en) Method and system for ensuring security of storage device
US20200358613A1 (en) Improvements in and relating to remote authentication devices
CN112416243B (en) Memory device and method for executing security commands
CN111008407A (en) Encryption circuit for performing virtual cryptographic operations
CN112887077A (en) Random cache security method and circuit for SSD (solid State disk) master control chip
US20250112760A1 (en) Memory device and method for data encryption/decryption of memory device
CN116635853A (en) Memory systems and devices including instances that access memory and use authenticated stream ciphers to generate access codes
US9049026B2 (en) Authenticator, authenticatee and authentication method
TW202326491A (en) Apparatus and method for detecting errors during data encryption
CN117997797A (en) Error detecting device for data encryption
CN113158203A (en) SOC chip, circuit and external data reading and writing method of SOC chip
TW202420088A (en) Apparatus for detecting errors during data encryption
TW202439180A (en) Apparatus and method for expanding round keys during data encryption
JP2010039779A (en) Reader/writer, information reading method, communication system, and communication method
CN117375806A (en) Cipher device and cipher method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant